package com.zqf.shiro.controller;

import com.zqf.shiro.pojo.User;
import com.zqf.shiro.service.UserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.security.auth.message.AuthException;

/**
 * @Author zqf
 * @Date 2022/12/21 15:12
 * @Description: 用户管理
 */

@RestController
@RequestMapping("manager/")
@Api(tags = "用户管理")
public class UserManagerController {

    @Autowired
    private UserService userService;


    /**
     * 修改用户，只有管理员才能修改用户
     */
    @PostMapping("/update")
    @RequiresRoles(value={"admin"})
    @ApiOperation("修改用户")
    public String update(@RequestBody User user) throws AuthException {
        // return userService.updateUser(user);
        //模仿修改用户
        return "修改成功";
    }


    /**
     * 查看用户，管理员和用户都可以查看
     */
    @PostMapping("/query")
    @RequiresRoles(value={"admin","user"},logical = Logical.OR)
    @ApiOperation("查看用户")
    public String list(@RequestBody User user) throws AuthException {
        // return userService.updateUser(user);
        //模仿修改用户
        return "用户信息";
    }

}
